Wednesday, May 6, 2020
OS category Management
Question: Based on the systems overview, identify and describe at least 3 security tools for each OS category (UNIX, open source, and Windows) that can be used at the operating system level to protect the systems, users, and data from security threats.

Answer:

Introduction

The use of computers is steadily increasing in the modern era, and the computer has a great impact on every sphere of human life. It is used heavily in daily life, in business and in education. With this ever-increasing use, the need for proper security of the computer, and of the information and data held on it, is also increasing (Bott and Siechert, 2002). Several different types of computer virus exist, and virus programmers are constantly developing new ones, so computer security has become of foremost importance. Hacking activity is also increasing: hackers are highly active at present and steal valuable information and data. Many sophisticated security tools have therefore been developed, for example firewalls, intrusion detection systems and virtual private networks. Beyond these, the security of the operating system is the most crucial, and the operating system's security tools are the most significant components of the overall security programme. As company AA currently uses Windows, UNIX and open source operating systems, it faces a significant security threat, and the security practitioner must select the correct tools to minimize the security risk (Calder, 2008). The operating system is the foundation for the other software that runs on a computer. Its security is thus one of the most important aspects of the practitioner's work and one of the most significant challenges.
Security system for Unix

UNIX is a typical operating system, generally made up of three essential parts: the kernel, the shell and the programs. The kernel is the hub of the operating system: it allocates time and memory to programs and handles file storage and communication in response to system calls (Wood and Kochan, 1985). The shell acts as the interface between the kernel and the users. UNIX is a multiuser operating system, which protects its users from one another and protects the core system services from the users.

UNIX system security is divided into three main areas. Two of them, account security and network security, are considered primary, as they are concerned with keeping unauthorised users from gaining access. The third and most significant area is file security, which restricts unauthorised access to the data stored on the system, whether by authorised users or by crackers (Chen and Gong, 2012).

Physical security is a part of internal security that is frequently overlooked, which makes it easier for someone to gain access to protected data and files. It is one of the most basic and simple types of security; it needs to be implemented and included in the security plan. Console security is one of the most significant parts of UNIX security. The machine and its console must be secured, since otherwise any unauthorised person can get access to protected documents and files.
For this reason the computer and its console should be kept in a secure room.

UNIX security is organised around users. Each user owns a set of files and specifies who else may access them (Duffy, 2003). Accordingly, each user's processes run as that user. The system itself owns a set of key files, through which the root user defines the system's principals and grants access to resources, which helps to provide a secure environment. Users can invoke system services, which requires a switch to the root user.

Data security is another major issue: companies that value their data require a clear and precise backup and recovery plan (Farrokhi, Bogorodskiy and Pradeep, 2008). One of the simplest ways to get access to a company's data and files is through its backup tapes, which must therefore be kept safe; all of the company's sensitive data should be locked in a cabinet.

Security system for Open source

Security practitioners face a significant threat in protecting open source systems. The practitioner must have adequate security skills to protect the computer from unauthorised programs, viruses and hackers (Harrington, 2007). To protect the computers, practitioners first have to establish a few basic defences that protect the network from outsiders, and then ensure the security of the servers and the inside of the network. To this end, they have to build a firewall for the internet connection.
For this purpose, the firewall should be configured to allow connections to the machines only from the internal network (Howlett, 2005). In addition, all incoming connections that were not requested from the internal network must be blocked entirely. A virtual private network through the firewall also helps to ensure secure connections from outside networks. These measures help to secure the computers against the primary attacks from the internet. After that, the practitioners have to assess the overall security of the computers, looking for security holes and issues, and identify the places where an intruder could get in. With this in place, the firewall is quite capable of protecting the internal machines from opportunistic intrusion.

Open source software is software whose source code is open and available to anybody. It is usually freely redistributable and must be permitted to be distributed as source code as well as in compiled form. The licence must also permit modification and the creation of derivative works from the source code. Various security components have been developed by the open source community (Jaeger, 2008). Popular open source security tools include firewalls such as iptables, intrusion detection systems such as Snort, network monitoring components such as MRTG (Multi Router Traffic Grapher) and security assessment tools such as Nikto for scanning web servers.

The general availability of open source software gives criminals and attackers ample opportunity to study the source code and exploit its vulnerabilities. The open source community therefore makes every effort to improve the quality and security of the software, in order to minimize vulnerabilities in the application software and the computer.
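The firewall policy described above (inbound traffic denied by default, with only replies to connections requested from the internal network let through) can be checked mechanically. This added example, which is not part of the original essay, audits `iptables-save` style output; the interface names `eth0` (external) and `eth1` (internal) and both sample rulesets are assumptions constructed for illustration.

```sh
# Added example: audit iptables-save output against the policy above (constructed samples).
EXT_IF="eth0"   # assumed internet-facing interface

weak_ruleset() {   # default ACCEPT, SSH reachable from the internet
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

hardened_ruleset() {   # default DROP; eth1 is the assumed internal interface
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i eth1 -m conntrack --ctstate NEW -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Reads a ruleset on stdin, prints one finding per line, exits 0 only if clean.
# Simplification: negated matches such as "! -i eth0" are not interpreted.
audit_ruleset() {
  awk -v ext="$EXT_IF" '
    /^:(INPUT|FORWARD) / && $2 != "DROP" {
      print "default policy of " substr($1, 2) " is " $2 ", expected DROP"; bad = 1
    }
    /^-A (INPUT|FORWARD) / && / -j ACCEPT/ {
      in_if = ""; replies_only = 0
      for (i = 1; i < NF; i++) {
        if ($i == "-i") in_if = $(i + 1)
        if ($i == "--ctstate" && $(i + 1) !~ /NEW/) replies_only = 1
      }
      if ((in_if == "" || in_if == ext) && !replies_only) {
        print "accepts unsolicited traffic from " ext ": " $0; bad = 1
      }
    }
    END { exit bad + 0 }
  '
}

weak_ruleset | audit_ruleset || echo "weak ruleset fails the audit"
```

On a real host, `iptables-save | audit_ruleset` applies the same check to the live ruleset.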
To ensure the safe use of open source products, a company must maintain a few security policies. It should establish a well-structured software security policy and ensure that the policy is strictly adhered to. Open source security tools should be downloaded only from trusted sites. Download only the source code rather than the compiled form (Jones and Ashenden, 2005). Check for common security vulnerabilities on a regular basis. The security practitioner should adopt a defence-in-depth strategy so that a variety of threats at various stages can be addressed.

Security system for Windows

Windows is the most prevalent and widely used operating system around the globe, with more users than any other operating system. It is therefore considered highly vulnerable to security breaches (Vacca, 2014). The Windows security context is crucial to its security. One of the simplest tenets of Windows security is that each process runs on behalf of a user, so each process is associated with a security context. A security context is a piece of cached data about the user, consisting of the user's SID, group SIDs and privileges (Manzuik, Gold and Gatford, 2007).

A security principal is an entity that can be identified and verified through a technique termed authentication. Security principals in Windows are assigned on a process-by-process basis by means of a kernel object termed a token. Every user or group account on a computer running Windows is a security principal. Security principals receive permissions, which grant access to resources on the computer such as documents, files and folders.
Together, these permissions and rights define what security principals are able to do and what their roles and responsibilities are within the Windows operating system (Nipkow, Grumberg and Hauptmann, 2012). Windows has three basic types of security principal: user principals, machine principals and service principals. Users refer to accounts by username, but internally the operating system refers to accounts by their security identifiers (SIDs). SIDs are unique within their domain or local computer and are never reused, so they uniquely identify user and group accounts in Windows.

Account security in Windows is considered a core unit of network security (Silberschatz, Galvin and Gagne, 2005). Domain accounts are stored in the Active Directory database, whereas local accounts are stored in the Security Account Manager database, which keeps them secured for authorised personnel. Account lockout policies and password policies are among the security tools embedded in the Windows operating system to provide more security to the user of the computer.

Conclusion

The security of the operating system is most important, as the operating system is the base for the other software on the computer system. Security means protecting the computer from unauthorised entities doing anything that the computer owner does not want (Wilfred, 2003). As any unauthorised access can harm availability, integrity and confidentiality, the internal mechanisms of the computer protect the operating system from unauthorised access. This is essential for the security of the computer, but it is not sufficient.
To ensure security, files must be encrypted by their users so that they can be opened only by providing the proper password. Many new inventions have recently appeared in this area, of which biometrics is the most advanced and powerful. Fingerprint readers are the most common these days, and iris scans are the most secure. Biometrics are most efficient if stored locally. There are several viruses and threats, such as Trojan horses, buggy software and login spoofing, that pose a significant threat to the computer system and can cause severe damage to the machine (Wood and Kochan, 1985). In addition, as company AA currently uses Windows, UNIX and open source operating systems, it faces a significant security threat, and the security practitioner must select the correct tools to minimize the security risk.

References

Bosworth, S. and Kabay, M. (2002). Computer security handbook. New York: John Wiley & Sons.
Bott, E. and Siechert, C. (2002). Microsoft Windows security inside out for Windows XP and Windows 2000. Redmond, Wash.: Microsoft Press.
Calder, A. (2008). Ten rules of information security for the smaller business. Ely: IT Governance Pub.
Chen, L. and Gong, G. (2012). Communication system security. Boca Raton, FL: CRC Press.
Clercq, J. (2004). Windows Server 2003 security infrastructures. Amsterdam: Digital Press, an imprint of Elsevier.
Duffy, M. (2003). Getting started with openVMS system management. Boston: Digital Press.
Farrokhi, B., Bogorodskiy, R. and Pradeep, D. (2008). Network administration with FreeBSD 7. Birmingham, U.K.: Packt Pub.
Harrington, J. (2007). Ethernet networking for the small office and professional home office. Amsterdam: Morgan Kaufmann Publishers/Elsevier.
Howlett, T. (2005). Open source security tools. Upper Saddle River, NJ: Prentice Hall.
Jaeger, T. (2008). Operating system security. [San Rafael, Calif.]: Morgan & Claypool Publishers.
Jones, A. and Ashenden, D. (2005). Risk management for computer security. Amsterdam, Netherlands: Elsevier Butterworth-Heinemann.
Manzuik, S., Gold, A. and Gatford, C. (2007). Network security assessment. Rockland, Mass.: Syngress Pub.
Nipkow, T., Grumberg, O. and Hauptmann, B. (2012). Software safety and security. Amsterdam: IOS Press.
Silberschatz, A., Galvin, P. and Gagne, G. (2005). Operating system concepts. Hoboken, NJ: J. Wiley & Sons.
Smith, B. and Komar, B. (2003). Microsoft Windows security resource kit. Redmond, Wash.: Microsoft Press.
Vacca, J. (2014). Network and system security. Amsterdam: Syngress.
Wilfred, A. (2003). Solaris 9 security. Cincinnati, Ohio: Premier.
Wood, P. and Kochan, S. (1985). UNIX system security. Hasbrouck Heights, N.J.: Hayden Book Co.